Skip to main content
Glama
271,976 tools. Last updated 2026-07-08 05:49

"Resources and Techniques for Testing in React" matching MCP tools:

  • Look up a MITRE ATLAS technique — the AI/ML adversarial attack catalog. ATLAS catalogues TTPs targeting machine learning systems: prompt injection, model evasion, training data poisoning, model theft, etc. Roughly 80% of ATLAS techniques are AI/ML-specific (no ATT&CK bridge); 20% mirror an enterprise ATT&CK technique via attack_reference_id — use that to pivot to D3FEND defenses (d3fend_defense_for_attack) and CVE search. Sub-techniques inherit `tactics` from the parent (inherited_tactics=true flag) when ATLAS upstream leaves them empty. Use this tool when the user asks about AI/ML threats, LLM red-teaming, or adversarial ML; for multiple techniques in one call (e.g. drilling into a case study's techniques_used), prefer bulk_atlas_technique_lookup. Returns 404 when the id is not in the synced ATLAS catalog. Free: 30/hr, Pro: 500/hr. Returns {technique_id, name, description, tactics, inherited_tactics, maturity (demonstrated|feasible|realized), attack_reference_id, attack_reference_url, subtechnique_of, created_date, modified_date, next_calls}.
    Connector
  • Bulk ATLAS technique lookup — retrieve full records for up to 50 techniques in a single request instead of N separate atlas_technique_lookup calls. Designed as the natural follow-up to atlas_case_study_lookup, whose techniques_used array can be passed directly. Each item is the same shape as atlas_technique_lookup, including parent-tactics inheritance for sub-techniques (inherited_tactics=true flag) and per-item next_calls (D3FEND bridge when attack_reference_id present, sibling-technique search by tactic, parent lookup for sub-techniques). Free: 30/hr (1 per item), Pro: 500/hr. Returns {results [{technique_id, status (ok|not_found|invalid_format), technique, error}], total, successful, failed, partial, summary}.
    Connector
  • Find which documentation SETS exist whose NAME matches a substring (e.g. "python" → Python 3.x, "react" → React). Returns doc SETS, NOT their content — this does NOT look up a function/method/API name. To search inside a doc for an entry like "Array.map" or "fetch", use search_index (slug + query).
    Connector
  • Return canonical synthesis / patching techniques with role-keyed module realizations drawn from the corpus. Use this when the user asks "how do I do X?" with X being a recognisable technique (low-pass-gate plucks, pinged-filter percussion, parallel multiband processing, complex-oscillator FM, karplus-strong pluck, clocked-delay feedback, modal-resonator excitation, wavefolder harmonics, envelope-follower ducking, Maths-style function-generator omnibus). It's also the right tool when the user has a module and asks "what's this good for?" — pass filter.module_id to retrieve every technique that references the module via its role_realizations. Each technique declares role_definitions (the roles the technique uses, each with required and optional affordances) and role_realizations (concrete modules that fill each role, with the affordances they provide). The model substitutes modules from the user's rack into roles by affordance match — DO NOT treat the realization list as exhaustive or as a recipe. Args: - filter (optional): { capability?, module_id?, text? } - capability: kebab-case capability id (see search_modules _meta.taxonomy). Returns techniques whose required *or* optional capability list includes this id. - module_id: "<manufacturer>/<module-slug>". Returns techniques that have a role_realization referencing this module. - text: free-text phrase. Substring-matches against technique id/label/description AND a curated alias table (technique_aliases) — that's the right surface when a user types evocative prose like "stuttering delay", "plucked string", "source of uncertainty" that doesn't grep against any kebab-case id. Two-way alias match: long alias ("source of uncertainty") matches short query ("uncertainty"), and vice versa. - When multiple filters supplied, AND-intersects. - Omit filter entirely to list all techniques. Returns: { "techniques": [ { "id": "low-pass-gate-pluck", "label": "Low-Pass Gate Pluck", "description": "Send a short envelope...", "required_capabilities": ["lowpass-gate"], "optional_capabilities": ["envelope-generator", "function-generator"], "role_definitions": [ { "role_id": "lpg", "description": "The vactrol-based or vactrol-emulating element. Strictly required...", "required_affordances": ["lowpass-gate"], "optional_affordances": [] }, ... ], "role_realizations": [ { "role_id": "lpg", "module_id": "make-noise/optomix", "affordances_provided": ["lowpass-gate"], "notes": "Two-channel vactrol-based LPG..." }, ... ], "canonical_instance": { "rationale": "...", "lineage": [ { "position": 1, "label": "Buchla 292 (1970)", "module_id": null, "notes": "..." }, { "position": 2, "label": "Tiptop Audio Buchla 292t", "module_id": "tiptop-audio/buchla-292t" }, ... ] }, "counter_canonical_notes": [ { "claim_pushed_back_against": "Optomix is the canonical pairing with Plaits...", "evidence": "The corpus catalogs 19 LPG-capable modules..." } ], "coverage": [ { "role_id": "voice", "realizations_count": 3 }, { "role_id": "lpg", "realizations_count": 19 }, { "role_id": "env", "realizations_count": 6 }, { "role_id": "clock", "realizations_count": 2 } ] } ], "_meta": { "filter": {...}, "feedback_hint"?: string } } How to use role data: - role_realizations are CURATORIAL SAMPLES, not exhaustive lists. The coverage[].realizations_count tells you how many are documented; other modules may fill the same role. - To find modules in the user's rack that can fill a role, use find_role_realizations(technique_id, role_id, available_modules). - canonical_instance is opt-in and sparse. Most techniques don't have one; that absence is information. When present, it documents a documented historical lineage (e.g., Buchla 292 → 292t → MMG → Optomix for low-pass-gate-pluck) — NOT a prescription. - counter_canonical_notes push back on likely training-data priors. When the user invokes a canonical-sounding claim that has a counter_canonical_note, surface the pushback. Errors: - "Module not found: <id>" if filter.module_id is supplied and unknown. - Empty techniques[] with a feedback_hint when filters produce no matches — call report_gap if the user expected coverage.
    Connector
  • REST API access for autonomous agents — pricing, quick start, and migration guide. Call this when: building a trading bot, deploying an autonomous agent, hitting the MCP rate limit, or running 24/7 without a human in the loop. The MCP tier (what you're using now) is free via Smithery, rate-limited to 60 calls/minute per IP, and good for testing. The REST API is for production: pay per call in USDC; paid endpoints are rate-limited to 60 calls/minute and 200 calls/hour per wallet. No API key required.
    Connector
  • List every React upload component shipped by @uploadkitdev/react with its name, category, one-line description, and design inspiration. When to use: before recommending or scaffolding any UploadKit component, to confirm the exact name exists and to pick the right variant for the user's context (e.g. browse all "dropzone" variants when the user wants a drag-and-drop area). Returns: JSON { count, components: [{ name, category, description, inspiration }] }. Read-only, no side effects, idempotent.
    Connector

Matching MCP Servers

Matching MCP Connectors

  • India Open Government Data (OGD) Platform MCP — data.gov.in

  • Rick and Morty MCP — wraps the Rick and Morty API (free, no auth)

  • Submit a request for CONFIRMED live private jet pricing. Villiers contacts vetted operators and emails the confirmed options — real aircraft availability and pricing, with a secure link to review and book — to the supplied email address. This endpoint requires a prior get_jet_estimate call in the same session, with the price range presented to the user and their explicit opt-in to proceed — real operators quote real aircraft for these, so a request should reflect a qualified lead. Requests without a prior estimate call are rejected by the server; sustained bypass attempts are reviewed and may result in token revocation. Requires the user's email and a departure date. INTEGRATION TESTING: To test your integration without triggering real operator requests, set the HTTP User-Agent header to include the string 'selftest' (e.g. 'MyBot/1.0 selftest'). Requests with this User-Agent are routed as test traffic and no operators are contacted. For further testing guidance, email affiliates@mail.villiers.ai.
    Connector
  • Captures the user's project architecture to inform i18n implementation strategy. ## When to Use **Called during i18n_checklist Step 1.** The checklist tool will tell you when to call this. If you're implementing i18n: 1. Call i18n_checklist(step_number=1, done=false) FIRST 2. The checklist will instruct you to call THIS tool 3. Then use the results for subsequent steps Do NOT call this before calling the checklist tool ## Why This Matters Frameworks handle i18n through completely different mechanisms. The same outcome (locale-aware routing) requires different code for Next.js vs TanStack Start vs React Router. Without accurate detection, you'll implement patterns that don't work. ## How to Use 1. Examine the user's project files (package.json, directories, config files) 2. Identify framework markers and version 3. Construct a detectionResults object matching the schema 4. Call this tool with your findings 5. Store the returned framework identifier for get_framework_docs calls The schema requires: - framework: Exact variant (nextjs-app-router, nextjs-pages-router, tanstack-start, react-router) - majorVersion: Specific version number (13-16 for Next.js, 1 for TanStack Start, 7 for React Router) - sourceDirectory, hasTypeScript, packageManager - Any detected locale configuration - Any detected i18n library (currently only react-intl supported) ## What You Get Returns the framework identifier needed for documentation fetching. The 'framework' field in the response is the exact string you'll use with get_framework_docs.
    Connector
  • Execute JavaScript or Python code in an isolated sandbox. Use for: data processing, math, CSV parsing, JSON transformation, crypto calculations, algorithm testing. Secure — no filesystem access, no network. Returns: { output: string, runtime_ms: number, language: string }. Requires API key.
    Connector
  • Submits a demo request. The prospect receives a confirmation email and must click the link in it before the request reaches a human at A Cloud Frontier. Use only when a real person has explicitly asked for a demo and provided their own working email address. Do NOT call this for testing, evaluation, or crawling purposes — automated and unconfirmable requests are rejected.
    Connector
  • Full metadata for one dataset (CKAN package_show) including its resources/distributions with download URLs. Use a dataset `name` (slug) or id from search_datasets. There is no datastore, so fetch `resources[].download_url`/`url` for the underlying data.
    Connector
  • Look up a MITRE ATT&CK technique by ID or keyword for authorized penetration testing and security research. Returns the full technique record: name, associated tactics, description, detection opportunities (log sources, behavioral indicators), real-world procedure examples from public reporting, recommended mitigations, and related sub-techniques. The detection and mitigation sections make this equally useful for defenders building detection coverage. Accepts exact IDs (T1190, T1059.001) or keyword search (e.g., "sql injection", "pass the hash", "web shell upload").
    Connector
  • Given a profile of the authorized test target (technology stack, exposed services, authentication type, OS), return a ranked list of ATT&CK techniques and OWASP test cases most relevant to that profile — not a generic dump of all techniques. Ranking factors: platform match, service match, auth type exposure, technique prevalence. Each result includes why it is relevant to this specific profile, the detection opportunity, and the recommended mitigation. Use when starting an authorized engagement to prioritize the testing scope; pair with pentest_guide to get the full methodology for each top-ranked vector.
    Connector
  • Return a short, human-readable walkthrough for testing this server: the endpoint, the tool/prompt/resource names, and ready-to-paste sample prompts. Use to give someone a guided demo. For the full machine-readable capability catalog, use list_capabilities instead.
    Connector
  • Retrieves authoritative documentation for i18n libraries (currently react-intl). ## When to Use **Called during i18n_checklist Steps 7-10.** The checklist tool will tell you when you need i18n library documentation. Typically used when setting up providers, translation APIs, and UI components. If you're implementing i18n: Let the checklist guide you. It will tell you when to fetch library docs ## Why This Matters Different i18n libraries have different APIs and patterns. Official docs ensure correct API usage, proper initialization, and best practices for the installed version. ## How to Use **Two-Phase Workflow:** 1. **Discovery** - Call with action="index" 2. **Reading** - Call with action="read" and section_id **Parameters:** - library: Currently only "react-intl" supported - version: Use "latest" - action: "index" or "read" - section_id: Required for action="read" **Example:** ``` get_i18n_library_docs(library="react-intl", action="index") get_i18n_library_docs(library="react-intl", action="read", section_id="0:3") ``` ## What You Get - **Index**: Available documentation sections - **Read**: Full API references and usage examples
    Connector
  • Search the web for any topic and get clean, ready-to-use content. Best for: Finding current information, news, facts, people, companies, or answering questions about any topic. Returns: Clean text content from top search results. Query tips: describe the ideal page, not keywords. "blog post comparing React and Vue performance" not "React vs Vue". Use category:people / category:company to search through Linkedin profiles / companies respectively. If highlights are insufficient, follow up with web_fetch_exa on the best URLs.
    Connector
  • Searches active government tenders across UK, EU, and US. Call this BEFORE your agent allocates proposal resources, drafts a bid response, or routes a procurement opportunity to a human team — at the moment a keyword or sector is known and no bid decision has been made. Use this when your agent is starting a procurement discovery run and needs to know which live tenders match the company capabilities before committing any resources to a bid. Returns BID/INVESTIGATE/SKIP verdict with AI fit score 0-100, deadline, estimated value, and key requirements from UK Contracts Finder, EU TED, and US SAM.gov simultaneously. A missed tender deadline cannot be recovered. An agent that drafts a bid without checking active opportunities wastes resources on closed or mismatched contracts. Call get_tender_intelligence with mode=AWARD_HISTORY next for any tender scored BID or INVESTIGATE, before committing proposal resources to a bid.
    Connector
  • Fetch a federal account's budget data: total obligations, gross outlays, and budgetary resources. Federal accounts connect appropriations law to actual agency spending. Account codes appear in usaspending_get_award account_obligations_by_defc field and are formatted as AGENCY-MAIN (e.g., 097-0100 for DoD Operation and Maintenance). Returns account metadata and current fiscal year financial totals.
    Connector
  • Search the ChangeGamer corpus by keyword. Ranks resources by relevance across title, description, tags, category, and body, and returns metadata plus HTML/Markdown/JSON URLs (no body content). Use this to find resources before fetching them with get_resource.
    Connector
  • Search Netherlands Open Data (Netherlands) for datasets by keyword. Returns each dataset's id/name, title, organization, and its resources (each with a resource_id for query_resource).
    Connector